#204 Allow gcc-c++.
Merged 10 months ago by jkaluza. Opened 10 months ago by ralph.

@@ -142,7 +142,7 @@ 

                      % (flask.g.user.username, name, value))

  

  

- def validate_json_data(dict_or_list, level=0):

+ def validate_json_data(dict_or_list, level=0, last_dict_key=None):

      """

      Checks that json data represented by dict `dict_or_list` is valid ODCS

      input. Raises ValueError in case the json data does not pass validation.

@@ -162,10 +162,14 @@ 

              if level != 0 or k not in ["source"]:

                  raise ValueError(

                      "Only 'source' key is allowed to contain dict.")

-             validate_json_data(v, level + 1)

+             validate_json_data(v, level + 1, k)

          elif isinstance(v, list):

              validate_json_data(v, level + 1)

          elif isinstance(v, six.string_types):

+             # Packages are stored in comps.xml, not in pungi.conf, so it is

+             # not exploitable.

+             if last_dict_key in ["packages"]:

+                 continue

              allowed_chars = [' ', '-', '/', '_', '.', ':', '#']

              if not all(c.isalnum() or c in allowed_chars for c in v):

                  raise ValueError(

@@ -88,6 +88,10 @@ 

          data = {"source": {"x": PropertyMock()}}

          self.assertRaises(ValueError, validate_json_data, data)

  

+     def test_validate_json_data_allowed_package(self):

+         data = {"packages": ["gcc-g++"]}

+         validate_json_data(data)

+ 

  

  class ViewBaseTest(ModelsBaseTest):

  

This is a valid package for a client to request in a compose.

rebased onto 2c3620c97bd571b83df0f8326dc0d575a90103ca

10 months ago

The jenkins failure can be ignored: a problem with the slave.

tox runs fine for me locally on this change.

rebased onto 5ce6431

10 months ago

Pull-Request has been merged by jkaluza

10 months ago